Category Archives: Cyber War

Threats, risks, and players in the cyber realm.

From Epipole to Cyber War

Walls and Counter-Walls

From The Jaws of Victory

In the Peloponnesian War, the 414 BC final battle of Epipole showed the pitfalls of an over-reliance on communications and single circuits. During this last battle of the Athenian siege of Syracuse, the Syracusans countered the attempt of Athens to wall in the city by building a counter-wall in the projected path of Athens’ efforts. The Syracusans had gained a critical blocking position, and Athenian General Demosthenes concocted a plan to dislodge the defenders. The Athenian forces stalled during the daytime battles outside the counter-wall, when their enemies could easily observe and rally against them, so General Demosthenes planned to strike the counter-wall at night. The well-organized nighttime Athenian attack completely overwhelmed and nearly destroyed the first Syracusan garrison. As the alarm sounded, the Athenians rushed forward without allowing themselves time to re-organize and re-identify. When the first real resistance was met, the ensuing disaster captured by Thucydides is worth citing in full:

Primitive IFF: “is this person stabbing me in the face?”

“Although there was a bright moon they saw each other only as men do by moonlight, that is to say, they could distinguish the form of the body, but could not tell for certain whether it was a friend or an enemy. Both had great numbers of heavy infantry moving about in a small space. Some of the Athenians were already defeated, while others were coming up yet unconquered for their first attack. A large part also of the rest of their forces either had only just got up, or were still ascending, so that they did not know which way to march. Owing to the rout that had taken place all in front was now in confusion, and the noise made it difficult to distinguish anything. The victorious Syracusans and allies were cheering each other on with loud cries, by night the only possible means of communication, and meanwhile receiving all who came against them; while the Athenians were seeking for one another, taking all in front of them for enemies, even although they might be some of their now flying friends; and by constantly asking for the watchword, which was their only means of recognition, not only caused great confusion among themselves by asking all at once, but also made it known to the enemy, whose own they did not so readily discover, as the Syracusans were victorious and not scattered, and thus less easily mistaken. The result was that if the Athenians fell in with a party of the enemy that was weaker than they, it escaped them through knowing their watchword; while if they themselves failed to answer they were put to the sword. But what hurt them as much, or indeed more than anything else, was the singing of the paean, from the perplexity which it caused by being nearly the same on either side; the Argives and Corcyraeans and any other Dorian peoples in the army, struck terror into the Athenians whenever they raised their paean, no less than did the enemy.”

In Sicily, the simple task of a man not stabbing his own ally in the face with a sword was hard enough with only primordial Identification Friend or Foe (IFF) and comms. In today’s high-speed remote-control warfare and vulnerable high-tech comms, in which seconds can mean life-or-death, the potential to accidentally destroy a friend, miss an enemy, or become isolated is even greater. When the enemy knows the “watch-words,” this potential becomes a certainty as paranoia and confusion set in.
 
The Offense Challenge

 

The defender often has the simpler fight. As illustrated in the excerpt and so aptly explained by the indomitable Chesty Puller, “So they’ve got us surrounded, good! Now we can fire in any direction, those bastards won’t get away this time!” The U.S. Navy, in its typical role as the expeditionary power, will almost always have that offense-disadvantage. It has yet to fight an enemy that can attack the precious network of communications that creates such an unspeakable force multiplier in the field. When the network is attacked, the swarm of American ships, missiles, and aircraft itself becomes a liability, as were the Athenians who cut apart their own brothers ahead of them.
 
Protecting Less with More
 
The solution to the communication weakness is to stay ahead of the offense-defense struggle through aggressive capital investment and streamlined lines of communication. As with anti-ship missile (ASM) threats, for which AEGIS doctrine is set to auto-respond, cyber-warfare is far too fast for human operators. Our virtual-defense infrastructure may be significant, but it is slow, human, and defending far too many unnecessary and redundant communications. The response is a smarter investment in cyber-defense capital and a more disciplined use of our vital communications networks.

“We got the info via e-mail? Good! Bill, request a message. Susanne, request it be added to three status and SITREP messages. I’ll request voice reports on two different circuits. I’ll also need 6 of you to chat them every 3 minutes from your individual accounts. After that, we’ll send a powerpoint for them to update. Also, one of you be sure to forget this is high-side information and constantly ping them until they cave and email it from Gmail. Get to it, people!”

Streamlining comes from bringing all communications under control, or more accurately bringing under control those using them. We are the Athenians screaming our watch-word at one another because no one bothered to re-organize before charging in. It boils down to paying attention and staying calm; what we have is seventeen sources pinging a ship for the same information that is held in 8 PowerPoint trackers, 2 messages, at least one call over the voice circuits, and 30 emails with at least half the lazy people asking for the information in the CC line. The sheer bandwidth of material that needs protection and monitoring could be decreased with a “ctrl-f” search of email and message traffic. It also leaves a veritable treasure-trove of information lying around in hundreds of different locations, making it easier to steal or detect. Better training, not only in proper communications procedures and methods but also in basic computer literacy, could solve this problem.

Unfortunately, no matter what Hollywood would have you believe, most cyber attacks can’t be defeated by John McClane.

The speed of cyber-attacks only allows the “labor” side of the equation to be reactive; capital investment would concentrate more money in autonomous and innovative defensive programs: 10th Fleet’s AEGIS. Proactive patrol and detection can be done with greater advances in adaptive self-modifying programs and programs that can learn or understand context. Recent developments in computing systems point to more organic systems that can “live” in the systems they defend. Biological processors and organic computing allow for hardware that thinks and learns independently, potentially giving defensive networks the added advantage of instinct and suspicion. The development of mutable indium antimonide magnetic processors means that the circuit hardware of a device may now be as mutable as the software running it. Imagine the vast new horizons in the OODA loop of defensive cyber systems with hubs sporting the defensive animal instinct and the ability to re-wire their own hardware. The image painted is dramatic and far-off, but modest investment and staged introduction would serve as a better model than the dangerous possibility of a “human wave” mode of thinking. With better fluid cyber-defense systems guarding more disciplined communicators, the U.S. Navy can guard its forces against Epipolaes.

Matt Hipple is a surface warfare officer in the U.S. Navy. The opinions and views expressed in this post are his alone and are presented in his personal capacity. They do not necessarily represent the views of U.S. Department of Defense or the U.S. Navy. 

Highlighting Catastrophic Threats

 

Catastrophic Threats

Earlier this month the Federation of American Scientists held its annual Symposium on Catastrophic Threats and Awards Ceremony at the National Press Club in Washington, D.C.  The date – November 9th – was chosen to coincide with the November U.S. presidential election and provide a forum for policy recommendations to a newly elected administration.  The symposium provided a wonderful venue for the discussion of the most-pressing threats facing the U.S.  Panelists called for steps to prevent catastrophic events, and increase response planning and preparation to those possible dangers.  These recommendations were published in a booklet, available electronically.

Because science plays such a critical role in underlying U.S. policies, from disaster preparation to farm subsidies, leaders must be armed with a science-based knowledge of the risks and opportunities policy choices present.  To this end, the symposium featured moderated discussions of four-to-five distinguished experts, grouped into related threat-areas: Nuclear Weapons; Biological, Chemical, Conventional, and Cyber Threats; and Energy and Infrastructure.

The session devoted to nuclear threats reiterated the group’s long-held goals of stockpile reduction and eventual total disarmament.  Senior FAS Fellow Charles Blair emphasized that the U.S. must start differentiating violent non-state actors in terms of their ability to pose a bona fide radiological or nuclear (R/N) threat, rather than treating all threats as possessing equal capabilities.  Proper identification of the threat will allow targeted policies and avoid wasteful expenditures of time and resources on groups that do not pose significant R/N threats.  Another FAS Fellow, Dr. Robert Norris, proposed that a fundamental alteration of Cold-War era nuclear doctrine is a prerequisite for arms reduction, with a minimal deterrence mission the only necessary use for the U.S. nuclear arsenal.

Lengthy discussions of biological-, chemical-, and conventional-weapons threats highlighted the need for increased accountability and controls, which are scarcer outside the United States.  Perhaps the most significant threat in the chemical and biological weapons fields stems from the fact that there is a growing dearth of technical experts in the former Soviet Union to handle existing stockpiles of agents. Without the incentives of prestige and financial rewards available during the years of the thriving Soviet weapons programs, even fewer personnel with the requisite training will be available to handle and safeguard stockpiles in the future. 

Those barrels full of chemicals look safe to me!

The energy and infrastructure panel spoke in favor of nuclear energy with reminders that natural gas does not eliminate greenhouse gas production.  They also reminded attendees that the U.S. will likely import oil from Canada long after it frees itself of overseas imports.  Dr. Steven Koonin, of NYU, called for increased funding for alternative energy research and a reorganization of the Department of Energy to enable better understanding of markets and business policies.  Notably absent from the discussion was an in-depth assessment of the impact that the Fukushima Daiichi incident will generally have on nuclear power endeavors in the future, and in Japan specifically.

One subject that stood out for immediate attention is developing a framework for rules and definitions in cyber security and warfare.  The United States is ill-prepared to respond to a major denial of service attack aimed at critical infrastructure, especially in the cyber realm.  Dr. Kennette Benedict, from the Bulletin of Atomic Scientists, explained that the field lacks clarity on responsibilities and acceptable scope for security.  Increasingly sophisticated attacks on private and public networks demand a robust effort to ensure reliability and freedom from interference.  While the private sector has tremendous incentives to shore up defenses against intrusion and would benefit from federal support in defending network architecture, transparency and trust are in short supply at this time.

As an illustration, were a major electrical grid or other critical infrastructure component attacked, resulting in losses of life and industrial output, how would the United States respond?  Would this be defined as an act of terror or an act of war?  Would the response be treated like a natural disaster?  No clearly defined roles have been established for preventing and/or prosecuting major acts of cybercrime.  No public forum exists to discuss the norms associated with cyber warfare, define acceptable measures that may be taken against individual or state-sponsored actors, or set limits to intrusion that occurs under the guise of security.

We can’t be hacked if we unplug it from the grid, right?

Not only will clarifying these issues benefit the private sector, but transparency will also pay major dividends in foreign policy negotiations.  As with any new weapon, uncertainty will lead to mistrust and fear, which often precipitate wasteful arms races.  U.S. leaders must come to the table with candor in order to develop policies that promote security with minimal interference for all.  A massive blackout or disruption of services would be devastating for everyone; CIMSEC could be the group that suggests a way forward.

More information about the event can be found at the Federation of American Scientists’ website: www.fas.org

LT Drew Hamblen is a naval aviator in the U.S. Navy and graduate of Georgetown University. The opinions and views expressed in this post are his alone and are presented in his personal capacity. They do not necessarily represent the views of U.S. Department of Defense or the U.S. Navy.